Количество 2
Количество 2
CVE-2018-19907
A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page.
GHSA-9fcp-vcq9-9h2h
OS Command Injection in craftercms:crafter-studio
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-19907 A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page. | CVSS3: 8.8 | 0% Низкий | около 7 лет назад |
| GHSA-9fcp-vcq9-9h2h OS Command Injection in craftercms:crafter-studio | CVSS3: 8.8 | 0% Низкий | около 7 лет назад |
Уязвимостей на страницу